iptables -N filter_forward
iptables -F filter_forward
iptables -F filter_forward
iptables -A FORWARD -j filter_forward
iptables -N mac_filter
iptables -F mac_filter
iptables -F mac_filter
iptables -A filter_forward -j mac_filter
#黑名单
iptables -A mac_filter -i br0 -m mac --mac-source xx:xx:xx:xx -j DROP
iptables -A mac_filter -j ACCEPT
#白名单
iptables -A mac_filter -i br0 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -A mac_filter -i br0 -j DROP
iptables -A mac_filter -j ACCEPT